CVE-2011-1478 | Date: (C)2011-10-23 (M)2024-02-22 |
The napi_reuse_skb function in net/core/dev.c in the Generic Receive Offload (GRO) implementation in the Linux kernel before 2.6.38 does not reset the values of certain structure members, which might allow remote attackers to cause a denial of service (NULL pointer dereference) via a malformed VLAN frame.
CVSS Score and Metrics +CVSS Score and Metrics -CVSS V2 Severity: |
CVSS Score : 5.7 |
Exploit Score: 5.5 |
Impact Score: 6.9 |
|
CVSS V2 Metrics: |
Access Vector: ADJACENT_NETWORK |
Access Complexity: MEDIUM |
Authentication: NONE |
Confidentiality: NONE |
Integrity: NONE |
Availability: COMPLETE |
| |